CVE-2026-23053 - Vulnerability Details

- NFS: Fix a deadlock involving nfs_release_folio()

Description

In the Linux kernel, the following vulnerability has been resolved:

NFS: Fix a deadlock involving nfs_release_folio()

Wang Zhaolong reports a deadlock involving NFSv4.1 state recovery
waiting on kthreadd, which is attempting to reclaim memory by calling
nfs_release_folio(). The latter cannot make progress due to state
recovery being needed.

It seems that the only safe thing to do here is to kick off a writeback
of the folio, without waiting for completion, or else kicking off an
asynchronous commit.

Published: 2026-02-04

Score: 7.0 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The Linux kernel contains a deadlock bug in the NFSv4.1 state recovery path involving nfs_release_folio(). During state recovery, the kernel attempts to reclaim memory by calling nfs_release_folio(), but this call stalls because the state recovery process is also waiting to be completed. The resulting lock cycle can cause the kernel to freeze or the NFS service to become unresponsive, leading to a denial of service for clients depending on the affected server.

Affected Systems

The vulnerability is present in the Linux kernel NFS subsystem across all distributions that ship the unpatched kernel code. Any Linux installation using the affected kernel is potentially impacted.

Risk and Exploitability

The severity score of 7.0 indicates a moderate to high risk to availability. The EPSS score is less than 1 percent, suggesting that the likelihood of active exploitation is low at the present time. The vulnerability is not listed in the CISA KEV catalog. An attacker would need to trigger the NFS state recovery mechanism, which typically requires an NFS client interacting with a server that performs NFSv4.1 state recovery. Because the bug resides in kernel code, exploitation would require either local privilege escalation to the server or an exploitation vector that can provoke the deadlock.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`96780ca55e3cbf4f150fd5a833a61492c9947b5b`	affected	< a4810f8beb0122f032f10735f98d257aa6064f4c
`96780ca55e3cbf4f150fd5a833a61492c9947b5b`	affected	< 49d352bc263fe4a834233338bfaad31b3109addf
`96780ca55e3cbf4f150fd5a833a61492c9947b5b`	affected	< 19b4d9ab5e77843eac0429c019470c02f8710b55
`96780ca55e3cbf4f150fd5a833a61492c9947b5b`	affected	< cce0be6eb4971456b703aaeafd571650d314bcca

Linux

affected

Version	Status	Constraints
`6.3`	affected	—
`0`	unaffected	< 6.3
`6.6.130`	unaffected	≤ 6.6.*
`6.12.67`	unaffected	≤ 6.12.*
`6.18.7`	unaffected	≤ 6.18.*
`6.19`	unaffected	≤ *

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade the Linux kernel to a version that includes the fix for CVE-2026-23053. The patch is available in the upstream kernel repository as referenced in the provided links, so install the latest stable release.
If immediate kernel upgrade is not feasible, consider temporarily disabling NFSv4.1 state recovery on the server or limiting NFS client mounts to NFSv3 until a patch is applied.
Monitor the server for signs of NFS stalls or kernel timeouts and apply any vendor-released updates as soon as they become available.

Generated by OpenCVE AI on April 16, 2026 at 06:59 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Debian DSA	DSA-6126-1	linux security update

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00026.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/19b4d9ab5e77843eac0429c019470c02f8710b55
https://git.kernel.org/stable/c/49d352bc263fe4a834233338bfaad31b3109addf
https://git.kernel.org/stable/c/a4810f8beb0122f032f10735f98d257aa6064f4c
https://git.kernel.org/stable/c/cce0be6eb4971456b703aaeafd571650d314bcca
https://lore.kernel.org/linux-cve-announce/2026020451-CVE-2026-23053-f630@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-23053
https://www.cve.org/CVERecord?id=CVE-2026-23053

History

Thu, 16 Apr 2026 07:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-873

Wed, 25 Mar 2026 10:45:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/a4810f8beb0122f032f10735f98d257aa6064f4c

Thu, 05 Feb 2026 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2026020451-CVE-2026-23053-f630@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-23053 https://www.cve.org/CVERecord?id=CVE-2026-23053
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Moderate`

Wed, 04 Feb 2026 16:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a deadlock involving nfs_release_folio() Wang Zhaolong reports a deadlock involving NFSv4.1 state recovery waiting on kthreadd, which is attempting to reclaim memory by calling nfs_release_folio(). The latter cannot make progress due to state recovery being needed. It seems that the only safe thing to do here is to kick off a writeback of the folio, without waiting for completion, or else kicking off an asynchronous commit.
Title		NFS: Fix a deadlock involving nfs_release_folio()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/19b4d9ab5e77843eac0429c019470c02f8710b55 https://git.kernel.org/stable/c/49d352bc263fe4a834233338bfaad31b3109addf https://git.kernel.org/stable/c/cce0be6eb4971456b703aaeafd571650d314bcca

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-02-04T16:04:22.574Z

Updated: 2026-03-25T10:20:14.351Z

Reserved: 2026-01-13T15:37:45.950Z

Link: CVE-2026-23053

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2026-02-04T17:16:15.970

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-23053

Redhat

Severity : Moderate

Publid Date: 2026-02-04T00:00:00Z

Links: CVE-2026-23053 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-16T07:00:11Z

Weaknesses

CWE-873

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object